<?php

define('LR_MERCHANT_SECURIRY_WORD', 'bim4ttukho4');
define('LR_MERCHANT_STORE', 'vietlodestore');
define('LR_ACC_ID', 'U2463845 ');

$link = mysql_connect('vietlode.db.9170001.hostedresource.com', 'vietlode', 'Abc123!');
mysql_select_db('vietlode', $link);

$str = "Deposit data".print_r($_REQUEST, TRUE);
$query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','info','$str',NOW())";
mysql_query($query, $link);

$str = $_REQUEST["lr_paidto"].":".$_REQUEST["lr_paidby"].":".stripslashes($_REQUEST["lr_store"]).":".
        $_REQUEST["lr_amnt"].":".$_REQUEST["lr_transfer"].":".$_REQUEST["lr_currency"].":".LR_MERCHANT_SECURIRY_WORD;

//Calculating hash
$hash = strtoupper(bin2hex(mhash(MHASH_SHA256, $str)));

$query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','info','$str',NOW())";
mysql_query($query, $link);

$query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','info','hash tÃ­nh toÃ¡n: $hash',NOW())";
mysql_query($query, $link);

$debugstring="OOOOO".$_REQUEST["lr_paidto"]."<=>".strtoupper(LR_ACC_ID)."___".stripslashes($_REQUEST["lr_store"])."<=>".LR_MERCHANT_STORE."__".$_REQUEST["lr_encrypted"]."<=>".$hash."   lr_ec2 : ".$_REQUEST["lr_encrypted2"];

$query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','debug','chuoi so sanh : $debugstring',NOW())";
mysql_query($query, $link);

if ( isset($_REQUEST["lr_paidto"]) && $_REQUEST["lr_paidto"] = strtoupper(LR_ACC_ID) &&
        isset($_REQUEST["lr_store"]) && stripslashes($_REQUEST["lr_store"]) == LR_MERCHANT_STORE &&
        isset($_REQUEST["lr_encrypted"]) && $_REQUEST["lr_encrypted"] == $hash)
{
    // Payment was verified and is successful
	$query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','debug','Payment was verified and is successful',NOW())";
	mysql_query($query, $link);
    $lr_amnt = isset($_REQUEST['lr_amnt']) ? $_REQUEST['lr_amnt'] : 0;
    $user_id = isset($_REQUEST['uuid']) ? $_REQUEST['uuid'] : '';
    if ($user_id != '')
    {
        $query2 = "UPDATE ld_user SET lr_money = lr_money + $lr_amnt WHERE user_id='$user_id'";
        if (mysql_query($query2, $link))
        {
            $query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','info','Náº¡p tiá»�n thÃ nh cÃ´ng cho user cÃ³ user_id = $user_id. ThÃªm $lr_amnt LRUSD',NOW())";
            mysql_query($query, $link);
            
            // LÆ°u log náº¡p tiá»�n
            $query = "INSERT INTO ld_deposit_history(user_id, deposit_date, lr_amount, lr_currency) VALUES ('{$user_id}', NOW(), '{$lr_amnt}', '{$_REQUEST['lr_currency']}')";
            mysql_query($query, $link);
        }
    }
}
else
{
	if (!($_REQUEST["lr_paidto"] = strtoupper(LR_ACC_ID))){
		$tmp=strtoupper(LR_ACC_ID);
		$tmp2=$_REQUEST["lr_paidto"];
	    $query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','debug','1 $tmp2 Nap tien bat thuong 1 $tmp',NOW())";
    mysql_query($query, $link);
	}
    if (!($_REQUEST["lr_store"] == LR_MERCHANT_STORE)){
    	$query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','debug','2 Nap tien bat thuong 2',NOW())";
    mysql_query($query, $link);
    }
    if (!($_REQUEST["lr_encrypted"] == $hash)){
    	$query = "INSERT INTO ld_log(category, level, message, log_date) VALUES ('status.php','debug','3 Nap tien bat thuong 3',NOW())";
    mysql_query($query, $link);
    }
}
?>